Vulnerabilities > Pisignage

DATE CVE VULNERABILITY TITLE RISK
2020-01-06 CVE-2019-20354 Path Traversal vulnerability in Pisignage
The web application component of piSignage before 2.6.4 allows a remote attacker (authenticated as a low-privilege user) to download arbitrary files from the Raspberry Pi via api/settings/log?file=../ path traversal.
network
low complexity
pisignage CWE-22
4.0